REFLECT
From fragmented understanding to federated sensemaking
Doc-Reads
new operating model for European resilience
At the European Resilience Summit in London, a new format was tested for the first time: the Doc-Read. Inspired by structured working-document practices in high-performance organisations, the approach replaced traditional presentations with a deliberately simple mechanism; silent reading followed by structured collective challenge.
TEXT: SANDER HULSMAN IMAGES: EUROPEAN RESILIENCE SUMMIT
Instead of audiences receiving polished narratives, participants were asked to engage directly with dense, unmediated texts. The intention was not communication efficiency, but cognitive alignment: creating a shared reference point before discussion begins.
What emerged across four parallel Doc-Read sessions was not only a set of thematic insights on European resilience. It was also an implicit demonstration that the method itself may be as significant as the content it produces. This article captures both.
Shift in governance practice
The Doc-Read format, introduced by Philipp Müller, co-founder of the European Resilience Summit, builds on a principle that is deceptively simple: complex ideas degrade when they are only discussed verbally. In traditional summit settings, ideas are often presented as narratives, interpreted differently by audiences, and partially lost after the session.
The Doc-Read reverses this sequence. Participants first engage with a shared document in silence, typically for 10 minutes, before entering discussion. The author may provide a minimal introduction, but the core interaction is always with the text itself.
The key design principle is that documents are not static outputs, but evolving artefacts. Every discussion is expected to improve the document. No version survives unchallenged. In Müller’s framing: no document survives a reading unscathed. This transforms the process from presentation to structured refinement; a form of collective sensemaking designed for ambiguity-heavy environments.
At ERS London, participants rotated across four parallel Doc-Read rooms, ensuring cross-pollination of perspectives through structured exposure rather than passive attendance. The result was not only thematic depth, but also methodological convergence: a shared recognition that resilience discourse requires new operating mechanics, not just better arguments.
Philipp Müller provides an explanation of the new Doc-Read format
Doc-Read I: Situational awareness first (Capgemini)
The first session focused on a structural gap in European resilience: the absence of a shared, real-time Common Operating Picture (COP) across the European Union and the United Kingdom. The premise was straightforward but systemic: hybrid threats do not respect institutional boundaries. They exploit seams; between cyber and physical infrastructure, between national jurisdictions, and between public and private operational domains.
A plausible scenario illustrated the point. A sequence of seemingly contained incidents, like sabotage of an energy substation, cyber disruption of a logistics provider, coordinated disinformation campaigns, and distributed denial-of-service attacks, remained individually manageable. Together, however, they created systemic instability through synchronisation failure rather than structural collapse.
The key issue is not the absence of data. Europe already has strong mechanisms, including crisis coordination frameworks, cybersecurity networks, and civil protection systems. The issue is fragmentation.
Operational intelligence remains segmented across sectoral silos, national jurisdictions, and institutional mandates. Private operators further complicate the picture, as critical signals often originate in network and security operations centres outside government visibility.
The central conclusion is that resilience begins with synchronisation. Without a federated real-time COP, Europe remains structurally blind at its seams; precisely where hybrid campaigns are designed to operate.
The proposed direction is not centralisation, but federation: a signal-based architecture where typed, standardised events can be shared across trusted interfaces without transferring underlying data ownership.
Manuel Höferlin, Vice President Digital Strategy & Resilience at Capgemini
Doc-Read II: Resilience requires digital sovereignty (Element)
The second session examined a different dimension of resilience: systemic dependency on centralised digital infrastructure. Over the past decade, European organisations have become deeply reliant on a small number of global technology providers. This dependency spans cloud infrastructure, collaboration platforms, cybersecurity services, and communication systems.
Recent large-scale outages demonstrated the fragility of this model. Global disruptions in cloud services and security platforms have shown how quickly essential services, from aviation and healthcare to logistics and financial systems, can become unavailable.
Beyond technical failure, the discussion highlighted a second-order risk: digital coercion. In multiple cases, access to critical digital services has been restricted or suspended due to geopolitical pressure or compliance with external legal frameworks.
The core argument is that digital sovereignty is often misunderstood as vendor substitution. In reality, it is not about replacing one dependency with another, but about ensuring structural autonomy. Three operational principles emerged: avoid irreversible vendor lock-in, prioritise open standards and open-source foundations, and ensure the ability to self-host or switch providers when necessary.
However, the discussion also challenged the terminology itself. “Sovereignty” was seen by some participants as insufficiently precise. A more operational framing is emerging: self-sufficiency under stress conditions.
A critical insight was the imbalance between software sovereignty debates and hardware dependencies. Without control or diversification in underlying supply chains, software autonomy remains incomplete.
Finally, the discussion extended beyond institutions to individuals, introducing the concept of personal data sovereignty as part of broader societal resilience. The overarching conclusion: resilience is not defined by optimal conditions, but by whether systems continue to function when optimal conditions disappear.
Matthew Hodgson, CEO / CTO at Element
Doc-Read III: Federation and cloud roaming (Facis)
The third session addressed the architectural question underpinning European digital resilience: how to maintain continuity without centralisation. Europe’s digital landscape remains highly fragmented, with national and organisational systems operating as isolated “digital islands.” At the same time, a significant proportion of critical infrastructure depends on non-European cloud providers, creating structural dependencies that limit strategic flexibility.
The proposed answer is federation. Federation enables independent systems to interoperate without surrendering control over data or governance. Instead of consolidating infrastructure into a single platform, federation connects distributed systems through shared standards and interoperable interfaces. This creates a structural shift: from centralised systems to connected autonomy.
A key extension of this model is cloud roaming; the ability for digital services to transition between providers dynamically, ensuring continuity in the event of disruption. This introduces “Plan B and Plan C” capability as a design principle rather than an exception.
Trust, in this model, is no longer assumed. It is engineered through standardisation, verifiable digital identities, and transparent interaction rules. Trust becomes a property of infrastructure design rather than interpersonal agreement.
The session also highlighted implementation efforts already underway, including multi-provider cloud-edge initiatives and machine-readable agreements designed to enable cross-border interoperability. The central conclusion is that resilience does not require eliminating disruption. It requires ensuring that systems can adapt and continue operating across disruption.
Andreas Weiss, Managing Director at eco
Doc-Read IV: Prepared on paper, fragile in reality (Sopra Steria)
The fourth session examined a structural paradox in European crisis management: systems are prepared individually, but fail collectively. European crisis plans are typically well-defined within national or sectoral boundaries. Roles and responsibilities are clear, and procedures are robust for contained incidents. However, modern infrastructure operates as a cross-border network, where disruptions propagate across systems rather than remaining isolated.
A cascading airport scenario illustrated the issue. A single security incident at a major hub triggered rerouting, capacity overload, and downstream congestion across multiple countries and transport modes. Each actor followed correct procedures, yet the system as a whole became increasingly unstable. The core issue is not procedural failure, but interaction failure.
Key structural gaps include pressure displacement across interconnected systems, distributed responsibility without system-level authority, and the absence of a stabilisation point for cascading effects. The same pattern appears across energy, telecom, logistics, and digital infrastructures.
The central tension is governance-related: Europe has coordination mechanisms, but no unified authority capable of stabilising cross-border cascades once they emerge. This raises a fundamental question: if a cross-border disruption occurs tomorrow, what fails first: systems, procedures, or decision authority? The ambiguity itself is the vulnerability.
Ganen Sethupathy, Partner at Sopra Steria
Resilience as a federated operating system
Taken together, the four Doc-Reads point to a single underlying structure:
European resilience is not a single domain problem. It is an operating system problem.
It spans four interdependent layers:
- Infrastructure layer: federated cloud and compute continuity
- Intelligence layer: shared situational awareness and COP structures
- Sensemaking layer: iterative, document-based collective reasoning
- Governance layer: cross-border crisis coordination and authority gaps
The Doc-Read format itself operates as a prototype of this fourth layer; a structured mechanism for refining shared understanding in real time.
From fragmentation to federated resilience
The European Resilience Summit in London demonstrated two parallel innovations. The first is conceptual: a clearer understanding of how modern resilience fails. Not through isolated breakdowns, but through interaction effects across fragmented systems. The second is methodological: a shift from presentation-based discourse to document-driven collective reasoning.
The key insight is not that Europe needs more coordination, more data, or more governance structures in isolation. It is that resilience emerges when fragmented systems become capable of seeing the same signals, interpreting them consistently, and adapting collectively without centralisation. The Doc-Read format does not resolve these challenges. But it makes them discussable in a more precise and operational way. And in complex systems, that is often the first step toward making them solvable. 
Five systemic insights
Across all four Doc-Reads, several converging patterns emerged.
- Abstraction is a prerequisite for action
Complex resilience challenges collapse when discussed at the wrong level of abstraction. Too much detail creates fragmentation; too much generality eliminates operational relevance.
- Enablement matters more than solutioning
Directly seeking fixed solutions in complex systems produces iterative dead ends. The more effective approach is to design capabilities and enable adaptive response structures.
- Situational awareness is a precision problem, not a data problem
Europe does not lack information. It lacks shared operational interpretation, thresholds, and synchronised definitions.
- Resilience is constrained by cross-border scaling mismatch
Many systems are designed for national logic, while disruptions are inherently transnational. This creates structural asymmetry between governance and infrastructure reality.
- Digital sovereignty is evolving into self-sufficiency under stress
Traditional sovereignty language is increasingly insufficient. The operational question is whether systems remain functional under isolation, disruption, or coercion.